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LI 


7 


user with (history or activit$4 or 
behavior$4) same (web adj 
server$l)same (identifiers or ids) 
same database and 709/2$$.ccls. 


USPAT 


OR 


ON 


2007/04/14 14:51 


L2 


9 


user with (identifiers or ids) same 
(history or activit$4 or behavior$4) 
same (web adj server$l)same 
database and 709/2$$. eels. 


USPAT r 


OR 


ON 


2007/04/14 14:52 


L3 


0 


user with ((multi$4 or plurality) 
adj( identified 1 or id$l)) same 
(history or activit$4 or behavior$4) 
same (web adj server$l)same 
database and 709/2$$.ccls. 


USPAT 


OR 


ON 


2007/04/14 14:53 


L4 


0 


user with ((multi$4 or plurality) 
adj(identifier$l or id$l)) and 
(history or activit$4 or behavior$4) 
same (web adj server$l)same 
database and 709/2$$.ccls. 


USPAT 


OR 


ON 


2007/04/14 14:53 


L5 


141 


user with ((multi$4 or plurality) 
adj(identifier$l or id$l)) 


USPAT 


OR 


ON 


2007/04/14 14:53 


L6 


7 


user adj ((multi$4 or plurality) 
adj(identifier$l or id$l)) 


USPAT 


OR 


ON 


2007/04/14 14:53 


L7 


53 


user adj3 ((multi$4 or plurality) 
adifidentifieril or id41^ 


USPAT 


OR 


ON 


2007/04/14 14:54 


L8 


1 


user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l)) and 
(history or activit$4 or behavior$4) 
same (web adj server$l)same 
database 


USPAT 


OR 


ON 


2007/04/14 14:54 


L9 


21 


user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l)) and 
(history or activit$4 or behavior$4) 
and (web adj server$l)same 
database 


USPAT 


OR 


ON 


2007/04/14 14:58 


L10 


27 


user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l)) and 
(history or activit$4 or behavior$4) 
and (web adj server$l) 


USPAT 


OR 


ON 


2007/04/14 14:58 


Lll 


27 


(user adj3 ((multi$4 or plurality) 
adj( identified 1 or id$l))) and 
(history or activit$4 or behavior$4) 
and (web adj server$l) 


USPAT 


OR 


ON 


2007/04/14 14:58 


L12 


43 


(user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l))) and 
(history or activit$4 or behavior$4) 
and (web adj server$l) 


US-PGPUB; 
USPAT 


OR 


ON 


2007/04/14 15:00 
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L13 


0 


(user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l))) same 
(history or activit$4 or behavior$4) 
and (web adj server$l) 


US-PGPUB; 
USPAT 


OR 


ON 


2007/04/14 14:59 


L14 


2 


(user adj3 ((multi$4 or plurality) 
adj(identifier$l or id$l))) and 
(history or activit$4 or behavior$4) 
same (web adj server$l) 


US-PGPUB; 
USPAT 


OR 


ON 


2007/04/14 14:59 


S52 
9 


3 


(user adj distribute$4 adj server) 


USPAT 


OR 


ON 


2005/08/02 12:57 


S53 
0 


2597 


((user adj distribute$4 adj server) 
or uds) 


USPAT 


OR 


ON 


2005/08/02 12:58 


S53 
1 


2597 


((user adj distribute$4 adj server) 
or UDS) 


USPAT 


OR 


ON 


2005/08/02 12:58 


S53 
2 


38 


((user adj distribute$4 adj server) 
or UDS) same database 


USPAT 


OR 


ON 


2005/08/02 12:58 


S53 
3 


6 


((user adj distribute$4 adj server) 
or UDS) same database same 
server$l 


USPAT 


OR 


ON 


2005/08/02 12:59 


S53 
4 


0 


((user adj distribute$4 adj server) 
or UDS} same database same 
server$l and (service adj request$4 
adj node) 


USPAT 


OR 


ON 


2005/08/02 12:59 


S53 

•J 


3 


((user adj distribute$4 adj server) 
nr UD^ ^amp database same 
server$l and identifier 


USPAT 


OR 


ON 


2005/08/02 13:04 


S53 
6 


0 


((user adj distribute$4 adj server) 
or UDS^ same fDrimarv adi 
database) same server$l and 
identifier 


USPAT 


OR 


ON 


2005/08/02 13:05 


S53 
7 


3 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identifier 


USPAT 


OR 


ON 


2005/08/02 13:24 


S53 
8 


1 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identifier and 
709/2$$.ccls. 


USPAT 


OR 


ON 


2005/08/02 13:09 


S53 
9 


6 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 


USPAT 


OR 


ON 


2005/08/02 13:25 


S54 

o 


3 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 and LDAP 


USPAT 


OR 


ON 


2005/08/02 13:25 


S54 
1 


2 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 and LDAP 
and radius 


USPAT 


OR 


ON 


2005/08/02 13:29 
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S54 
2 


2 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 and LDAP 
and radius and ((domain adj name 
adj server) or DNS) 


USPAT 


OR 


ON 


2005/08/02 17:16 


S54 
3 


0 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 and LDAP 
and radius and ((domain adj name 
adj server) or DNS) and 
((subscription adj locator adj 
function) or SLF) 


USPAT 


OR 


ON 


2005/08/02 13:54 

♦ 


S54 
4 


7 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) 


USPAT 


OR 


ON 


2005/08/02 13:54 


S54 
5 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) same 
database$l same server$l and 
identify$4 and LDAP and radius 


USPAT 


OR 


ON 


2005/08/02 13:55 


S54 
6 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) same 
database$l same server$l and 
identify$4 and LDAP 


USPAT 


OR 


ON 


2005/08/02 13:55 


S54 
7 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) same 
database$l same server$l 


USPAT 


OR 


ON 


2005/08/02 13:55 


S54 
8 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) same 
database$l 


USPAT 


OR 


ON 


2005/08/02 13:55 


S54 
9 


7 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) 
anddatabase$l 


USPAT 


OR 


ON 


2005/08/02 14:11 


S55 
0 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adi function} or SLF) and 
database$l 


USPAT 


OR 


ON 


2005/08/02 13:55 


S55 
1 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) and 
LDAP 


USPAT 


OR 


ON 


2005/08/02 13:55 


S55 
2 


7 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) 


USPAT 


OR 


ON 


2005/08/02 13:56 
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S55 
3 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) and 
database$l 


USPAT 


OR 


ON 


2005/08/02 14:08 


S55 
4 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) and 
((home adj subscription and server) 
or hss) 


USPAT 


OR 


ON 


2005/08/02 14:09 


S55 
5 


0 


((user adj distribute$4 adj server) 
or UDS) and ((home adj 
subscription and server) or hss) 


USPAT 


OR 


ON 


2005/08/02 14:09 


S55 
6 


0 


((user adj distribute$4 adj server) 
or UDS) and (home adj subscription 
and server) 


USPAT 


OR 


ON 


2005/08/02 14:10 


S55 
7 


0 


((user adj distribute$4 adj server) 
or UDS) and (HSS) 


USPAT 


OR 


ON 


2005/08/02 14:10 


S55 
8 


0 


((user adj distribute$4 adj server) 
or UDS) and (Home adj subcription 
adj server) 


USPAT 


OR 


ON 


2005/08/02 14:10 


S55 
9 


0 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) and 
database$l 


USPAT 


OR 


ON 


2005/08/02 14:11 


S56 
0 


7 


((user adj distribute$4 adj server) 
or UDS) and ((subscription adj 
locator adj function) or SLF) 


USPAT 


OR 


ON 


2005/08/02 14:11 


S56 
1 


0 


((home adj subcription adj server) 
or HSS) and ((subscription adj 
locator adj function) or SLF) 


USPAT 


OR 


ON 


2005/08/02 14:12 


S56 
2 


566 


((home adj subcription adj server) 
or HSS) 


USPAT 


OR 


ON 


2005/08/02 14:12 


S56 
3 


0 


((home adj subcription adj server) 
or HSS) and (UDS) 


USPAT 


OR 


ON 


2005/08/02 14:12 


S56 
4 


48 


((home adj subcription adj server) 
or HSS) and database 


USPAT 


OR 


ON 


2005/08/02 14:13 


S56 
5 


26 


((home adj subcription adj server) 
or HSS) and database and servers 


USPAT 


OR 


ON 


2005/08/02 14:13 


S56 
6 


12 


((home adj subcription adj server) 
or HSS) same database and servers 


USPAT 


OR 


ON 


2005/08/02 14:16 


S56 
7 


0 


((home adj subcription adj server) 
or HSS) same database and (SLF) 


USPAT 


OR 


ON 


2005/08/02 14:16 


S56 
8 


0 


((home adj subcription adj server) 
or HSS) same database and (UDS) 


USPAT 


OR 


ON 


2005/08/02 14:16 


S56 
9 


6 


((home adj subcription adj server) 
or HSS) same database and ((MSC) 
or mobile adj switch$4 adj center) 


USPAT 


OR 


ON 


2005/08/02 14:17 
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S57 
0 


0 


((home adj subcription adj server) 
or HSS) same database and ((MSC) 
or mobile adj switch$4 adj center) 
and (gateway adj server) 


USPAT 


OR 


ON 


2005/08/02 14:18 


S57 
1 


5 


((home adj subcription adj server) 
or HSS) same database and ((MSC) 
or mobile adj switch$4 adj center) 
and gateway 


USPAT 


OR 


ON 


2005/08/02 14:18 


S57 
2 


1 


((home adj subcription adj server) 
or HSS) same database and ((MSC) 
or mobile adj switch$4 adj center) 
and gateway and ((domain adj 
name and server) or DNS) 


USPAT 


OR 


ON 


2005/08/02 14:18 


S57 
3 


1 


((home adj subcription adj server) 
or HSS) same database and ((MSC) 
or mobile adj switch$4 adj center) 
and gateway and ((domain adj 
name and server) or DNS) and 
LDAP 


USPAT 


OR 


ON 


2005/08/02 14:18 


S57 
4 


90 


(proxy or portal) same servers 
same (user adj profile) 


USPAT 


OR 


ON 


2005/08/02 17:16 


S57 
5 


10 


(proxy or portal) same servers 
same (user adj profile) same query 


USPAT 


OR 


ON 


2005/08/02 17:16 


S57 
6 


3 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identify$4 and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:49 


S57 
7 


0 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and (plurality adj 
identify$4) and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:50 


S57 
8 


0 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and (plural$3 adj 
identify$4) and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:50 


S57 
9 


0 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and (multi$3 adj 
identify$4) and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:50 


S58 
0 


2 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identifiers and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:50 


S58 
1 


2 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identifier$l and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:51 


S58 
2 


2 


((user adj distribute$4 adj server) 
or UDS) same database$l same 
server$l and identifiers and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:52 
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S58 
3 


1 


database$l same server$l and 
((mulit$3 or plurality) adj 
identifier$l) and LDAP 


USPAT 


OR 


ON 


2006/02/20 17:52 


S58 
4 


1347 


(history or log$4) same (web adj 
server$l) same user$l 


USPAT 


OR 


ON 


2006/06/07 17:00 


S58 
5 


399 


(history or log$4) with (web adj 
server$l) with user$l 


USPAT 


OR 


ON 


2006/06/07 17:00 


S58 
6 


194 


(history or log$4) with (web adj 
server$l) with user$l and 709/2$$. 
eels. 


USPAT 


OR 


ON 


2006/06/07 17:00 


S58 
7 


39 


(history or log$4) with (web adj 
serverfi 1^ with user$l same 
(identifier or id )and 709/2$$.ccls. 


USPAT 


OR 


ON 


2006/06/07 17:01 


S58 
8 


39 


(history or log$4) with (web adj 
server$l) with user$l same 
fidentifier$l or id$l^and 709/2$$ 
eels. 


USPAT 


OR 


ON 


2006/06/07 17:01 


S58 
9 


1082 


(history or log$4) with (web adj 
server$l) nearuser$l same 
fidentifier$l or id$ltend 709/2$$ 
eels. 


USPAT 


OR 


ON 


2006/06/07 17:01 


S59 
0 


11 


(history or log$4) near3 (web adj 
server$l) near3 user$l same 
(identifier$l or id$l)and 709/2$$. 

1 1 Vi V*>l 1 W 1 IV* 1 *4r *L \# 1 1 V4 «k J VI 1 1 VI / \f wf g • 

eels. 


USPAT 


OR 


ON 


2006/06/07 17:02 


S59 
1 


8 


(history or log$4) near3 (web adj 
server$l) near3 user$l same 
(identifier$l or id$l)same database 
and 709/2$$ eels 


USPAT 


OR 


ON 


2006/06/07 17:08 


S59 
2 


0 


user$4 with (history or activit$4 or 
behavior$4) near3 (web adj 
server$l) near3 user$l same 
(identifier$l or id$l)same database 
and 709/2$$.ccls. 


USPAT 


OR 


ON 


2006/06/07 17:09 


S59 
3 


0 


user$4 with (history or activit$4 or 
behavior$4) near3 (web adj 
server$l) same user$l same 
f identified 1 or id$l^same database 
and 709/2$$.ccls. 


USPAT 


OR 


ON 


2006/06/07 17:09 


S59 
4 


3115 


user$4 with (history or activit$4 or 
behavior$4) same (web adj 
server$l) ( identifier^ 1 or id$l) 
same database and 709/2$$. ecls. 


USPAT 


OR 


ON 


2006/06/07 17:09 


S59 
5 


7 


user$4 with (history or activit$4 or 
behavior$4) same (web adj 
server$l)same (identifier$l or id$l) 
same database and 709/2$$.ccls. 


USPAT 


OR 


ON 


2007/04/14 14:50 
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TITLE: 



Log-on service providing credential level change without loss of 
session continuity 



Brief Summary Text - BSTX (5): 

The internet has become an important medium for information services and electronic 
commerce. As the internet has been commercialized, organizations initially established their 
presence in cyberspace by making information (typically static, non-sensitive promotional 
information) available on resources well removed from the operational infrastructure of the 
organization. Security issues were often addressed by isolating publicly accessible resources 
(e.g., web servers) from more sensitive assets using firewall techniques. As long as the 
publicly accessible information and resources were relatively non-sensitive and user 
interactions with such information and resources was not mission critical, relatively simple 
firewall techniques were adequate. Though information and resources outside the firewall 
were at risk, the risk could generally be limited to non-proprietary information that was easily 
replaceable if compromised. Proprietary information and systems critical to day-to-day 
operations were sheltered behind the firewall and information flows across the firewall were 
filtered to exclude all but the comparatively non-threatening services such as electronic mail. 

Brief Summary Text - BSTX (8): 

Another problem with individualized solutions is a veritable explosion in the number of 
access controls confronting a user. As more and more business is conducted using computer 
systems, users are confronted with multiple identifiers and passwords for various systems, 
resources or levels of access. Administrators are faced with the huge problem of issuing, 
tracking and revoking the identifiers associated with their users. As the "user" community 
grows to include vendors, customers, potential customers, consultants and others in addition 
to employees, a huge "id explosion" faces administrators. Furthermore, as individual users are 
themselves confronted with large numbers of identifiers and passwords, adherence to 
organizational security policies such as password restrictions, and requirements (e.g., length, 
character and/or case complexity, robustness to dictionary or easily-ascertainable information 
attack, frequency of update, etc.) may be reduced. As users acquire more passwords-sortie 
individuals may have 50 or more-they cannot help but write down or create easy-to- 
remember, and easy-to-compromise, passwords. 

Detailed Description Text - DETX (33): 

Generally, mapping rule logic is evaluated before a user is challenged to authenticate. 
Mapping occurs as a function of session environment and particulars of the information 
resource for which access is requested. By evaluating the minimum trust level required by the 
target of an access request, a service (e.g., a login service such as provided by login 
component 120) derives a list of potential authentication methods. The service then checks 
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current session environment against the allowed environment states for each potential 
authentication method to trim the list further. If there is no particular resource for which access 
is being requested (e.g., if a user jumps straight to a sign-on page without requesting an 
access), the service will proceed according to the lowest level of trust available consistent with 
session environment. Other configurations may employ differing default behaviors . 

Detailed Description Text - DETX (65): 

In an exemplary embodiment, at least some of the above-described components are 
implemented as servlets executable in the context of a commercially-available web server 
environment. For example, the Java.TM. Embedded Server (JES) architecture with extensions 
for certificate handling, HyperText Transfer Protocol (HTTP), Simple Network Management 
Protocol (SNMP), Secure Sockets Layer (SSL), extensible Markup Language (XML) grammar 
processing and security Access Control List (ACL) support available from Sun Microsystems, 
Inc. is one suitable environment. Java and all Java-based marks and logos are trademarks or 
registered trademarks of Sun Microsystems, Inc. in the United States and other countries. 

Detailed Description Text - DETX (66): 

In general, the description herein is focused on aspects of a security architecture, rather 
than on peculiarities of a particular implementation environment. It is envisioned that security 
architectures in accordance with the teachings of the present invention may be implemented in 
the context of many commercially-available networked information service environments, 
including web server environments, as well as in custom environments and environments that 
in the future will be developed. However, to facilitate an understanding of broad concepts 
using a specific exemplary environment, and without limitation, the description herein may 
include terminology specific to the Java Embedded Server (JES) architecture. Nonetheless, 
based on this description, persons of ordinary skill in the art will appreciate implementations 
suitable for other environments. The scope of the invention, as defined by the claims that 
follow, is not limited to any specific implementation environment. 
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